Fake Internet Banking Page and Fake Adobe Flash Player


14 replies to this topic

#1 03holtj


Posted 22 April 2012 - 11:44 AM

Hello,
I use Windows 7 and Firefox. I recently had a fake Adobe Flash Player download pop-up and redirection from Google; having looked at other forum posts, I think I have solved this problem. However, whenever I start Firefox my homepage is my internet banking sign-on page. I have tried changing it in internet settings, but as soon as I close the window and reopen it the settings have changed again. I have tried to sort out my firewall, but whenever I do it comes up with an error message saying "Windows Firewall can't change some of your settings. Error Code 0x80070424". I ran Malwarebytes but it didn't find anything; here is the log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.22.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Joe :: JOE-PC [administrator]

Protection: Disabled

Thanks

22/04/2012 17:38:06
mbam-log-2012-04-22 (17-38-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224281
Time elapsed: 4 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#2 narenxp


Posted 22 April 2012 - 12:49 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 03holtj


Posted 22 April 2012 - 05:13 PM

23:01:13.0061 2820 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
23:01:13.0177 2820 ============================================================
23:01:13.0177 2820 Current date / time: 2012/04/22 23:01:13.0177
23:01:13.0177 2820 SystemInfo:
23:01:13.0177 2820
23:01:13.0177 2820 OS Version: 6.1.7601 ServicePack: 1.0
23:01:13.0177 2820 Product type: Workstation
23:01:13.0177 2820 ComputerName: JOE-PC
23:01:13.0177 2820 UserName: Joe
23:01:13.0177 2820 Windows directory: C:\Windows
23:01:13.0177 2820 System windows directory: C:\Windows
23:01:13.0177 2820 Processor architecture: Intel x86
23:01:13.0177 2820 Number of processors: 2
23:01:13.0177 2820 Page size: 0x1000
23:01:13.0177 2820 Boot type: Normal boot
23:01:13.0177 2820 ============================================================
23:01:14.0225 2820 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:01:14.0246 2820 \Device\Harddisk0\DR0:
23:01:14.0246 2820 MBR partitions:
23:01:14.0246 2820 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:01:14.0246 2820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
23:01:14.0290 2820 C: <-> \Device\Harddisk0\DR0\Partition1
23:01:14.0290 2820 Initialize success
23:01:14.0290 2820 ============================================================
23:01:20.0198 3120 ============================================================
23:01:20.0198 3120 Scan started
23:01:20.0198 3120 Mode: Manual; TDLFS;
23:01:20.0198 3120 ============================================================
23:01:31.0813 3120 p2pimsvc - ok
23:01:31.0833 3120 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:01:31.0837 3120 p2psvc - ok
23:01:31.0867 3120 parallel - ok
23:01:31.0897 3120 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:01:31.0898 3120 Parport - ok
23:01:31.0935 3120 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
23:01:31.0936 3120 partmgr - ok
23:01:31.0985 3120 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:01:31.0985 3120 Parvdm - ok
23:01:32.0018 3120 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:01:32.0021 3120 PcaSvc - ok
23:01:32.0063 3120 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:01:32.0065 3120 pci - ok
23:01:32.0089 3120 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:01:32.0089 3120 pciide - ok
23:01:32.0144 3120 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:01:32.0146 3120 pcmcia - ok
23:01:32.0182 3120 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:01:32.0182 3120 pcw - ok
23:01:32.0235 3120 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:01:32.0239 3120 PEAUTH - ok
23:01:32.0297 3120 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
23:01:32.0304 3120 PeerDistSvc - ok
23:01:32.0390 3120 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:01:32.0400 3120 pla - ok
23:01:32.0461 3120 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:01:32.0464 3120 PlugPlay - ok
23:01:32.0513 3120 Pml Driver HPZ12 (379f7a0ec9fbe07629fd3f244d3e3e44) C:\Windows\system32\HPZipm12.dll
23:01:32.0514 3120 Pml Driver HPZ12 - ok
23:01:32.0551 3120 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:01:32.0553 3120 PNRPAutoReg - ok
23:01:32.0569 3120 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:01:32.0572 3120 PNRPsvc - ok
23:01:32.0602 3120 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:01:32.0605 3120 PolicyAgent - ok
23:01:32.0655 3120 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:01:32.0657 3120 Power - ok
23:01:32.0706 3120 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:01:32.0707 3120 PptpMiniport - ok
23:01:32.0754 3120 prismxl - ok
23:01:32.0776 3120 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:01:32.0776 3120 Processor - ok
23:01:32.0811 3120 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
23:01:32.0815 3120 ProfSvc - ok
23:01:32.0863 3120 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:01:32.0865 3120 ProtectedStorage - ok
23:01:32.0918 3120 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:01:32.0919 3120 Psched - ok
23:01:32.0953 3120 psdvdisk - ok
23:01:32.0998 3120 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:01:33.0007 3120 ql2300 - ok
23:01:33.0026 3120 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:01:33.0027 3120 ql40xx - ok
23:01:33.0077 3120 QPCapSvc - ok
23:01:33.0109 3120 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:01:33.0112 3120 QWAVE - ok
23:01:33.0149 3120 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:01:33.0150 3120 QWAVEdrv - ok
23:01:33.0167 3120 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:01:33.0168 3120 RasAcd - ok
23:01:33.0208 3120 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:01:33.0208 3120 RasAgileVpn - ok
23:01:33.0224 3120 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:01:33.0226 3120 RasAuto - ok
23:01:33.0267 3120 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:01:33.0268 3120 Rasl2tp - ok
23:01:33.0301 3120 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:01:33.0304 3120 RasMan - ok
23:01:33.0337 3120 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:01:33.0337 3120 RasPppoe - ok
23:01:33.0380 3120 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:01:33.0380 3120 RasSstp - ok
23:01:33.0400 3120 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:01:33.0402 3120 rdbss - ok
23:01:33.0437 3120 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:01:33.0438 3120 rdpbus - ok
23:01:33.0462 3120 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:01:33.0462 3120 RDPCDD - ok
23:01:33.0511 3120 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
23:01:33.0513 3120 RDPDR - ok
23:01:33.0548 3120 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:01:33.0549 3120 RDPENCDD - ok
23:01:33.0567 3120 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:01:33.0567 3120 RDPREFMP - ok
23:01:33.0623 3120 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
23:01:33.0624 3120 RDPWD - ok
23:01:33.0688 3120 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:01:33.0690 3120 rdyboost - ok
23:01:33.0714 3120 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:01:33.0716 3120 RemoteAccess - ok
23:01:33.0746 3120 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:01:33.0748 3120 RemoteRegistry - ok
23:01:33.0765 3120 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:01:33.0767 3120 RpcEptMapper - ok
23:01:33.0823 3120 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:01:33.0825 3120 RpcLocator - ok
23:01:33.0863 3120 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:01:33.0868 3120 RpcSs - ok
23:01:33.0914 3120 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:01:33.0915 3120 rspndr - ok
23:01:33.0936 3120 s116mdfl - ok
23:01:33.0977 3120 s217mgmt - ok
23:01:34.0005 3120 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
23:01:34.0005 3120 s3cap - ok
23:01:34.0038 3120 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:01:34.0040 3120 SamSs - ok
23:01:34.0070 3120 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:01:34.0071 3120 sbp2port - ok
23:01:34.0100 3120 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:01:34.0103 3120 SCardSvr - ok
23:01:34.0131 3120 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:01:34.0132 3120 scfilter - ok
23:01:34.0172 3120 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:01:34.0178 3120 Schedule - ok
23:01:34.0238 3120 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:01:34.0239 3120 SCPolicySvc - ok
23:01:34.0270 3120 sdhelper - ok
23:01:34.0319 3120 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:01:34.0321 3120 SDRSVC - ok
23:01:34.0356 3120 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:01:34.0357 3120 secdrv - ok
23:01:34.0391 3120 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:01:34.0393 3120 seclogon - ok
23:01:34.0421 3120 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
23:01:34.0423 3120 SENS - ok
23:01:34.0490 3120 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:01:34.0492 3120 SensrSvc - ok
23:01:34.0508 3120 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:01:34.0509 3120 Serenum - ok
23:01:34.0542 3120 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:01:34.0543 3120 Serial - ok
23:01:34.0580 3120 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:01:34.0581 3120 sermouse - ok
23:01:34.0618 3120 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:01:34.0621 3120 SessionEnv - ok
23:01:34.0673 3120 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:01:34.0673 3120 sffdisk - ok
23:01:34.0684 3120 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:01:34.0684 3120 sffp_mmc - ok
23:01:34.0702 3120 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:01:34.0702 3120 sffp_sd - ok
23:01:34.0735 3120 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:01:34.0736 3120 sfloppy - ok
23:01:34.0769 3120 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:01:34.0774 3120 SharedAccess - ok
23:01:34.0809 3120 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:01:34.0813 3120 ShellHWDetection - ok
23:01:34.0867 3120 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:01:34.0868 3120 sisagp - ok
23:01:34.0902 3120 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:01:34.0903 3120 SiSRaid2 - ok
23:01:34.0927 3120 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:01:34.0928 3120 SiSRaid4 - ok
23:01:34.0952 3120 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:01:34.0953 3120 Smb - ok
23:01:35.0014 3120 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:01:35.0016 3120 SNMPTRAP - ok
23:01:35.0036 3120 spbbcsvc - ok
23:01:35.0070 3120 SPCtl - ok
23:01:35.0096 3120 speedfan - ok
23:01:35.0124 3120 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:01:35.0125 3120 spldr - ok
23:01:35.0160 3120 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:01:35.0164 3120 Spooler - ok
23:01:35.0265 3120 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:01:35.0285 3120 sppsvc - ok
23:01:35.0331 3120 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:01:35.0333 3120 sppuinotify - ok
23:01:35.0377 3120 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:01:35.0379 3120 srv - ok
23:01:35.0436 3120 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:01:35.0438 3120 srv2 - ok
23:01:35.0457 3120 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:01:35.0458 3120 srvnet - ok
23:01:35.0488 3120 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:01:35.0490 3120 SSDPSRV - ok
23:01:35.0525 3120 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:01:35.0527 3120 SstpSvc - ok
23:01:35.0556 3120 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:01:35.0556 3120 stexstor - ok
23:01:35.0626 3120 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
23:01:35.0626 3120 StillCam - ok
23:01:35.0661 3120 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:01:35.0665 3120 StiSvc - ok
23:01:35.0705 3120 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
23:01:35.0705 3120 storflt - ok
23:01:35.0726 3120 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
23:01:35.0728 3120 StorSvc - ok
23:01:35.0761 3120 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
23:01:35.0762 3120 storvsc - ok
23:01:35.0788 3120 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
23:01:35.0789 3120 swenum - ok
23:01:35.0823 3120 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:01:35.0827 3120 swprv - ok
23:01:35.0834 3120 sysdown - ok
23:01:35.0908 3120 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:01:35.0917 3120 SysMain - ok
23:01:35.0973 3120 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:01:35.0975 3120 TabletInputService - ok
23:01:36.0004 3120 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:01:36.0007 3120 TapiSrv - ok
23:01:36.0037 3120 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:01:36.0040 3120 TBS - ok
23:01:36.0116 3120 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
23:01:36.0124 3120 Tcpip - ok
23:01:36.0184 3120 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
23:01:36.0192 3120 TCPIP6 - ok
23:01:36.0225 3120 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:01:36.0226 3120 tcpipreg - ok
23:01:36.0273 3120 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:01:36.0274 3120 TDPIPE - ok
23:01:36.0323 3120 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
23:01:36.0323 3120 TDTCP - ok
23:01:36.0363 3120 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:01:36.0364 3120 tdx - ok
23:01:36.0403 3120 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
23:01:36.0404 3120 TermDD - ok
23:01:36.0470 3120 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:01:36.0475 3120 TermService - ok
23:01:36.0499 3120 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:01:36.0501 3120 Themes - ok
23:01:36.0543 3120 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:01:36.0545 3120 THREADORDER - ok
23:01:36.0567 3120 transarcafsdaemon - ok
23:01:36.0587 3120 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:01:36.0589 3120 TrkWks - ok
23:01:36.0616 3120 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:01:36.0619 3120 TrustedInstaller - ok
23:01:36.0649 3120 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:01:36.0649 3120 tssecsrv - ok
23:01:36.0731 3120 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
23:01:36.0732 3120 TsUsbFlt - ok
23:01:36.0784 3120 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
23:01:36.0785 3120 tunnel - ok
23:01:36.0811 3120 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:01:36.0812 3120 uagp35 - ok
23:01:36.0820 3120 UBHelper - ok
23:01:36.0862 3120 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
23:01:36.0864 3120 udfs - ok
23:01:36.0903 3120 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
23:01:36.0905 3120 UI0Detect - ok
23:01:36.0989 3120 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
23:01:36.0990 3120 uliagpkx - ok
23:01:37.0023 3120 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
23:01:37.0023 3120 umbus - ok
23:01:37.0043 3120 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:01:37.0044 3120 UmPass - ok
23:01:37.0078 3120 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
23:01:37.0081 3120 UmRdpService - ok
23:01:37.0114 3120 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
23:01:37.0117 3120 upnphost - ok
23:01:37.0198 3120 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
23:01:37.0199 3120 USBAAPL - ok
23:01:37.0238 3120 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
23:01:37.0239 3120 usbccgp - ok
23:01:37.0272 3120 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
23:01:37.0273 3120 usbcir - ok
23:01:37.0299 3120 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
23:01:37.0299 3120 usbehci - ok
23:01:37.0373 3120 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
23:01:37.0375 3120 usbhub - ok
23:01:37.0396 3120 USBMN1X1 - ok
23:01:37.0415 3120 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
23:01:37.0415 3120 usbohci - ok
23:01:37.0448 3120 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:01:37.0448 3120 usbprint - ok
23:01:37.0481 3120 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:01:37.0481 3120 usbscan - ok
23:01:37.0510 3120 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:01:37.0511 3120 USBSTOR - ok
23:01:37.0589 3120 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
23:01:37.0590 3120 usbuhci - ok
23:01:37.0642 3120 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
23:01:37.0643 3120 usbvideo - ok
23:01:37.0664 3120 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
23:01:37.0666 3120 UxSms - ok
23:01:37.0697 3120 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:01:37.0698 3120 VaultSvc - ok
23:01:37.0774 3120 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
23:01:37.0775 3120 vdrvroot - ok
23:01:37.0814 3120 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
23:01:37.0819 3120 vds - ok
23:01:37.0838 3120 vet-filt - ok
23:01:37.0872 3120 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:01:37.0872 3120 vga - ok
23:01:37.0886 3120 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:01:37.0887 3120 VgaSave - ok
23:01:37.0917 3120 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
23:01:37.0919 3120 vhdmp - ok
23:01:37.0988 3120 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
23:01:37.0989 3120 viaagp - ok
23:01:38.0009 3120 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:01:38.0010 3120 ViaC7 - ok
23:01:38.0029 3120 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
23:01:38.0030 3120 viaide - ok
23:01:38.0050 3120 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
23:01:38.0052 3120 vmbus - ok
23:01:38.0068 3120 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
23:01:38.0069 3120 VMBusHID - ok
23:01:38.0105 3120 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
23:01:38.0105 3120 volmgr - ok
23:01:38.0190 3120 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:01:38.0192 3120 volmgrx - ok
23:01:38.0231 3120 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
23:01:38.0233 3120 volsnap - ok
23:01:38.0262 3120 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:01:38.0263 3120 vsmraid - ok
23:01:38.0330 3120 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
23:01:38.0337 3120 VSS - ok
23:01:38.0412 3120 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
23:01:38.0413 3120 vwifibus - ok
23:01:38.0442 3120 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
23:01:38.0443 3120 vwififlt - ok
23:01:38.0459 3120 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
23:01:38.0459 3120 vwifimp - ok
23:01:38.0499 3120 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
23:01:38.0503 3120 W32Time - ok
23:01:38.0523 3120 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:01:38.0524 3120 WacomPen - ok
23:01:38.0608 3120 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:01:38.0609 3120 WANARP - ok
23:01:38.0613 3120 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:01:38.0614 3120 Wanarpv6 - ok
23:01:38.0622 3120 wandrv - ok
23:01:38.0688 3120 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
23:01:38.0701 3120 WatAdminSvc - ok
23:01:38.0753 3120 WaveFDE - ok
23:01:38.0807 3120 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
23:01:38.0816 3120 wbengine - ok
23:01:38.0867 3120 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
23:01:38.0870 3120 WbioSrvc - ok
23:01:38.0901 3120 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
23:01:38.0904 3120 wcncsvc - ok
23:01:38.0923 3120 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
23:01:38.0925 3120 WcsPlugInService - ok
23:01:38.0989 3120 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:01:38.0990 3120 Wd - ok
23:01:39.0014 3120 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:01:39.0017 3120 Wdf01000 - ok
23:01:39.0034 3120 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:01:39.0037 3120 WdiServiceHost - ok
23:01:39.0050 3120 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:01:39.0053 3120 WdiSystemHost - ok
23:01:39.0094 3120 WD_FireWire_HID - ok
23:01:39.0164 3120 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
23:01:39.0167 3120 WebClient - ok
23:01:39.0182 3120 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
23:01:39.0185 3120 Wecsvc - ok
23:01:39.0198 3120 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
23:01:39.0200 3120 wercplsupport - ok
23:01:39.0235 3120 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
23:01:39.0237 3120 WerSvc - ok
23:01:39.0285 3120 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:01:39.0285 3120 WfpLwf - ok
23:01:39.0326 3120 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:01:39.0327 3120 WIMMount - ok
23:01:39.0337 3120 WinHttpAutoProxySvc - ok
23:01:39.0389 3120 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
23:01:39.0391 3120 Winmgmt - ok
23:01:39.0438 3120 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
23:01:39.0447 3120 WinRM - ok
23:01:39.0512 3120 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
23:01:39.0513 3120 WinUsb - ok
23:01:39.0580 3120 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
23:01:39.0587 3120 Wlansvc - ok
23:01:39.0619 3120 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
23:01:39.0619 3120 WmiAcpi - ok
23:01:39.0673 3120 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
23:01:39.0675 3120 wmiApSrv - ok
23:01:39.0750 3120 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
23:01:39.0761 3120 WMPNetworkSvc - ok
23:01:39.0829 3120 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
23:01:39.0831 3120 WPCSvc - ok
23:01:39.0867 3120 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
23:01:39.0869 3120 WPDBusEnum - ok
23:01:39.0908 3120 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:01:39.0909 3120 ws2ifsl - ok
23:01:39.0951 3120 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
23:01:39.0952 3120 WSDPrintDevice - ok
23:01:40.0002 3120 WSearch - ok
23:01:40.0063 3120 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
23:01:40.0076 3120 wuauserv - ok
23:01:40.0108 3120 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
23:01:40.0109 3120 WudfPf - ok
23:01:40.0135 3120 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:01:40.0136 3120 WUDFRd - ok
23:01:40.0207 3120 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
23:01:40.0210 3120 wudfsvc - ok
23:01:40.0243 3120 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
23:01:40.0246 3120 WwanSvc - ok
23:01:40.0301 3120 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys
23:01:40.0304 3120 yukonw7 - ok
23:01:40.0353 3120 z800mdm - ok
23:01:40.0374 3120 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:01:41.0092 3120 \Device\Harddisk0\DR0 - ok
23:01:41.0123 3120 Boot (0x1200) (6f9fcab6f335d724a06d0c8cf68cf67a) \Device\Harddisk0\DR0\Partition0
23:01:41.0124 3120 \Device\Harddisk0\DR0\Partition0 - ok
23:01:41.0135 3120 Boot (0x1200) (788cd54afa5cc9f1a233b859edf3e3a9) \Device\Harddisk0\DR0\Partition1
23:01:41.0136 3120 \Device\Harddisk0\DR0\Partition1 - ok
23:01:41.0137 3120 ============================================================
23:01:41.0137 3120 Scan finished
23:01:41.0137 3120 ============================================================
23:01:41.0149 3384 Detected object count: 0
23:01:41.0149 3384 Actual detected object count: 0




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 23:02:43
-----------------------------
23:02:43.079 OS Version: Windows 6.1.7601 Service Pack 1
23:02:43.079 Number of processors: 2 586 0x170A
23:02:43.080 ComputerName: JOE-PC UserName: Joe
23:02:44.433 Initialize success
23:04:51.745 AVAST engine defs: 12042201
23:05:28.091 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:05:28.095 Disk 0 Vendor: TOSHIBA_MK3261GSY MC000D Size: 305245MB BusType: 11
23:05:28.110 Disk 0 MBR read successfully
23:05:28.116 Disk 0 MBR scan
23:05:28.123 Disk 0 Windows 7 default MBR code
23:05:28.134 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:05:28.147 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
23:05:28.157 Disk 0 scanning sectors +625139712
23:05:28.247 Disk 0 scanning C:\Windows\system32\drivers
23:05:38.075 Service scanning
23:06:00.598 Modules scanning
23:06:06.303 Disk 0 trace - called modules:
23:06:06.310 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
23:06:06.311 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860f1a38]
23:06:06.312 3 CLASSPNP.SYS[8c3bd59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85c06908]
23:06:07.819 AVAST engine scan C:\Windows
23:06:10.920 AVAST engine scan C:\Windows\system32
23:08:26.500 AVAST engine scan C:\Windows\system32\drivers
23:08:36.850 AVAST engine scan C:\Users\Joe
23:11:36.820 AVAST engine scan C:\ProgramData
23:12:21.020 Scan finished successfully
23:12:40.759 Disk 0 MBR has been saved successfully to "C:\Users\Joe\Documents\MBR.dat"
23:12:40.767 The log file has been saved successfully to "C:\Users\Joe\Documents\aswMBR.txt"

#4 narenxp

Posted 22 April 2012 - 07:40 PM

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 03holtj

Posted 23 April 2012 - 10:51 AM

C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.04.2012_13.45.55\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.04.2012_13.45.55\rtkt0000\zafs0000\tsk0002.dta Win32/Sirefef.DN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.04.2012_13.45.55\rtkt0000\zafs0000\tsk0008.dta Win32/Sirefef.ES trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.04.2012_13.45.55\rtkt0000\zafs0000\tsk0010.dta a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.04.2012_13.45.55\zaea0000\svc0000\tsk0000.dta Win32/Sirefef.ER trojan cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Temp\tbbabylon.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Temp\889B38D9-BAB0-7891-A974-5AE592D9EE5A\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Joe\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application deleted - quarantined
C:\Users\l.Joe-PC.003\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GWU30NBF\3[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\primkhi.dll a variant of Win32/TrojanProxy.Agent.NIM trojan cleaned by deleting - quarantined
C:\Windows\Temp\pjvinn\setup.exe probably a variant of Win32/TrojanProxy.Agent.GSWOFQJ trojan cleaned by deleting - quarantined










MiniToolBox by Farbar Version: 18-01-2012
Ran by Joe (administrator) on 23-04-2012 at 16:47:55
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Joe-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
System Quarantine State . . . . . : Not Restricted


Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 70-F1-A1-DA-00-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 70-F1-A1-DA-00-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::38fd:5ce4:9f84:ec4d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 23 April 2012 16:01:55
Lease Expires . . . . . . . . . . : 23 April 2012 17:43:43
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 225505697
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-2D-E7-8A-F0-4D-A2-7E-62-3A
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : F0-4D-A2-7E-62-3A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.inuknetworks.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A0CCA7C4-9522-427F-9BE6-71FAEF7D457D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.bris.ac.uk:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: google.com
Addresses: 173.194.34.73
173.194.34.78
173.194.34.68
173.194.34.66
173.194.34.70
173.194.34.72
173.194.34.69
173.194.34.65
173.194.34.67
173.194.34.64
173.194.34.71


Pinging google.com [173.194.34.66] with 32 bytes of data:
Reply from 173.194.34.66: bytes=32 time=68ms TTL=54
Reply from 173.194.34.66: bytes=32 time=60ms TTL=54

Ping statistics for 173.194.34.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 68ms, Average = 64ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=545ms TTL=48
Reply from 98.139.183.24: bytes=32 time=565ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 545ms, Maximum = 565ms, Average = 555ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...70 f1 a1 da 00 85 ......Microsoft Virtual WiFi Miniport Adapter
11...70 f1 a1 da 00 85 ......Dell Wireless 1397 WLAN Mini-Card
10...f0 4d a2 7e 62 3a ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.4 286
192.168.0.4 255.255.255.255 On-link 192.168.0.4 286
192.168.0.255 255.255.255.255 On-link 192.168.0.4 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.4 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.4 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 286 fe80::/64 On-link
11 286 fe80::38fd:5ce4:9f84:ec4d/128
On-link
1 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/23/2012 04:43:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1421591

Error: (04/23/2012 04:43:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1421591

Error: (04/23/2012 04:43:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/23/2012 04:22:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 153178

Error: (04/23/2012 04:22:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 153178

Error: (04/23/2012 04:22:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/23/2012 04:22:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 152179

Error: (04/23/2012 04:22:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 152179

Error: (04/23/2012 04:22:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/23/2012 04:22:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 151181


System errors:
=============
Error: (04/23/2012 04:48:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (04/23/2012 04:47:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (04/23/2012 04:47:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

Error: (04/23/2012 04:46:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (04/23/2012 04:46:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (04/23/2012 04:45:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CscService service.

Error: (04/23/2012 04:45:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (04/23/2012 04:44:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

Error: (04/23/2012 04:44:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (04/23/2012 04:43:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 Plugin (Version: 11.2.202.228)
Adobe Reader 9.4.3 (Version: 9.4.3)
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Babylon toolbar on IE
Bing Bar (Version: 7.1.361.0)
Bonjour (Version: 2.0.4.0)
Cobian Backup 10
ESET Online Scanner v3
HP Deskjet 1050 J410 series Basic Device Software (Version: 20.0.771.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.56.56)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 20.0.771.0)
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
HP Officejet 6500 E710n-z Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
iTunes (Version: 10.2.1.1)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 3 (Version: 7.0.30)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Marketsplash Shortcuts (Version: 1.0.1.7)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Mozilla Firefox 11.0 (x86 en-GB) (Version: 11.0)
QuickTime (Version: 7.69.80.9)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 3544.36 MB
Available physical RAM: 2363.45 MB
Total Pagefile: 7087.01 MB
Available Pagefile: 5854.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.99 GB) (Free:243.96 GB) NTFS

========================= Users: ========================================

User accounts for \\JOE-PC

Administrator Guest Joe
m


**** End of log ****







Farbar Service Scanner Version: 16-04-2012
Ran by Joe (administrator) on 23-04-2012 at 16:50:23
Running from "C:\Users\Joe\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of wscsvc. The value does not exist.
Checking ImagePath: Attention! Unable to retrieve ImagePath of wscsvc. The value does not exist.
Unable to retrieve ServiceDll of wscsvc. The value does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: Attention! Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#6 narenxp

Posted 23 April 2012 - 12:50 PM

To be on the safer side before running registry fixes, I would suggest that you

Download

http://www.snapfiles.com/get/erunt.html

Install it and back up your registry to C:/Windows/erdnt

Now download the registry files

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

http://www.mediafire.com/?uo36rkbqarxd618

http://www.mediafire.com/?vujckeuo1repw9v

Download these files

Launch them one by one, click YES when you get a prompt


If it opens in Notepad, right click on them

Click on OPEN WITH

Click on BROWSE

Navigate to C:/WINDOWS, select REGEDIT and click OK

Now you should get a UAC prompt, click YES

Restart your PC

Now, press the Windows+R keys and type

regedit and click OK

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it - Permissions

Click on ADD and type

Everyone and click OK

Now click on Everyone

Below you have the permissions for users

Select Full Control and click OK


Now, press the Windows+R keys and type

services.msc and click OK

Start the Base Filtering Engine service and then the Windows Firewall service

Post the new FSS log

Good luck

#7 03holtj

Posted 23 April 2012 - 04:34 PM

Sorry I couldn't find REGEDIT in C:/WINDOWS.

#8 03holtj

Posted 23 April 2012 - 04:47 PM

Don't worry, I've found it, sorry.

#9 03holtj

Posted 23 April 2012 - 04:55 PM

Farbar Service Scanner Version: 16-04-2012
Ran by Joe (administrator) on 23-04-2012 at 22:55:33
Running from "C:\Users\Joe\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
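
Added example, not part of the thread or of Farbar Service Scanner: a Python triage helper that parses the two FSS logs posted above (abridged inline) and reports which services stopped being flagged after the registry fix. The function names and issue labels are assumptions of this example.

```python
import re

# Abridged from the first FSS log in this thread (before the registry fix).
FSS_BEFORE = """\
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of wscsvc. The value does not exist.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of WinDefend. The value does not exist.
"""

# Abridged from the second FSS log in this thread (after the registry fix).
FSS_AFTER = """\
Windows Firewall:
=============

Action Center:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
START_TYPE = re.compile(r"is set to (\w+)\. The default start type is (\w+)\.")


def parse_fss(log):
    """Map each service reported as not running to its section and issues."""
    services, section, current = {}, None, None
    lines = [ln.strip() for ln in log.splitlines()]
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            section, current = line[:-1], None   # heading underlined with "===="
            continue
        if not line:
            current = None                       # blank line ends a service block
            continue
        m = NOT_RUNNING.match(line)
        if m:
            current = services.setdefault(
                m.group(1), {"section": section, "issues": []})
            continue
        if current is None:
            continue
        st = START_TYPE.search(line)
        if "The service key does not exist" in line:
            label = "key_missing"
        elif "The value does not exist" in line:
            label = "value_missing"
        elif st:
            label = f"start_type={st.group(1)} (default {st.group(2)})"
        else:
            continue                             # "... is OK." lines carry no issue
        if label not in current["issues"]:
            current["issues"].append(label)
    return services


def compare(before, after):
    """Diff two FSS logs by the set of services each one flags."""
    b, a = parse_fss(before), parse_fss(after)
    return {
        "no_longer_reported": sorted(set(b) - set(a), key=str.lower),
        "still_flagged": sorted(set(b) & set(a), key=str.lower),
        "newly_flagged": sorted(set(a) - set(b), key=str.lower),
    }


if __name__ == "__main__":
    for name, info in parse_fss(FSS_AFTER).items():
        print(name, info)
    print(compare(FSS_BEFORE, FSS_AFTER))
```

A service that drops out of the second log is only no longer flagged by FSS; confirming that it is actually running is a separate check in services.msc.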

#10 03holtj

Posted 23 April 2012 - 05:00 PM

My homepage on Firefox is still internet banking, even when I change it.

#11 narenxp

Posted 23 April 2012 - 09:06 PM

Reinstall Firefox and see if it works

Good luck

#12 03holtj

Posted 24 April 2012 - 03:06 AM

That seems to have worked, but I suppose I'd better check with my bank once I log in.

Thank you very much for your help.

#13 narenxp

Posted 24 April 2012 - 10:05 AM

Very well then

Uninstall Babylon toolbar on IE

Download

http://go.microsoft.com/?linkid=9668866

Run it.

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#14 03holtj

Posted 24 April 2012 - 12:52 PM

Thank you

#15 narenxp

Posted 24 April 2012 - 01:03 PM

You're most welcome :)



